New physical attacks are quickly diluting secure enclave defenses from Nvidia, AMD, and Intel

Physical attacks are compromising the secure enclave defenses of Nvidia, AMD, and Intel, raising concerns about the true security of Trusted Execution Environments (TEEs). The TEE.fail attack, which was recently revealed, can bypass the latest protections from all three chipmakers by inserting a small hardware device between a memory chip and the motherboard slot. Unlike previous attacks, TEE.fail works against DDR5 memory, undermining the security of Confidential Compute, SEV-SNP, and TDX/SDX. Chipmakers and TEE users often overlook physical attacks in their threat models, leading to misconceptions about the level of protection these enclaves offer, particularly for servers on network edges.